Last Revised On: June 2025
This Privacy Policy has been adopted by Wowzer Technologies Inc. ("WOW Backup and Restore", "we", "us", and "our"), including any corporate entity owned or controlled by this company. Our employees, contractors, consultants, partners and any other third-party entities that at our direction have access to your personal information are bound by and must adhere to this Privacy Policy.
By providing personal information to us you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy. We reserve the right to make amendments to this Privacy Policy at any time. Material changes will be notified to you by email or by prominent notice on our Services. If you have objections to this Privacy Policy, you should notify us immediately.
This Privacy Policy applies to all Services provided by Wowzer Technologies Inc., including WOW Backup and Restore and any AI-assisted features provided as part of or in connection with those Services.
As responsible data custodians we are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, store and disclose your personal information in accordance with the privacy principles outlined in the different jurisdictions we operate within, including:
We may collect personal information that you have supplied to us, including:
In providing the Services, we collect and store Customer Data on your behalf, including financial and accounting data extracted from your connected accounting platforms (such as Xero, QuickBooks Online, or MYOB). This data may include:
As between you and Wowzer Technologies, you retain ownership of and responsibility for this Customer Data. We process it as your data processor or service provider, not as an independent data controller.
We may collect information about how you use the Services, including log data, device information, IP addresses, and usage patterns. This information is used to maintain and improve the Services and is not used to build profiles for advertising purposes.
We use personal information to provide, maintain, and improve the Services, including:
How we use your data for AI-assisted features
When you use AI-assisted features within the Services, relevant portions of your Customer Data are transmitted to a third-party AI inference provider (Anthropic, PBC) for the sole purpose of generating a response to your specific query. This section explains exactly how that works and what protections are in place.
Specifically, when you use an AI-assisted feature:
We do not use Customer Data submitted through AI-assisted features for any purpose other than generating the requested response. We do not sell or licence Customer Data to Anthropic or any other party.
We may use aggregated, de-identified data derived from usage of the Services (including AI-assisted features) to improve and enhance our Services. This data does not identify you or your clients individually.
We may disclose your personal information in the following circumstances:
We use the following categories of third-party service providers and sub-processors to assist in providing the Services. We ensure that each provider is bound by appropriate data protection obligations:
| Provider | Location | Category | Purpose |
|---|---|---|---|
| Amazon Web Services | Multiple regions | Cloud infrastructure | Data storage and backup infrastructure |
| Microsoft Azure | Multiple regions | Cloud infrastructure | Data storage and backup infrastructure |
| Anthropic, PBC [NEW] | United States | AI inference (when AI features activated) | Processes Customer Data as read-only inference context only. No model training. No retention beyond processing window. |
Some of our sub-processors, including Anthropic, PBC, are located in the United States. When Customer Data is transferred outside your country of residence in connection with the Services, we take steps to ensure appropriate protections are in place consistent with applicable privacy legislation in your jurisdiction.
Cross-border disclosures to sub-processors in the United States are made on the basis that Wowzer Technologies has taken reasonable steps, consistent with Australian Privacy Principle 8, to ensure that those recipients handle personal information in a way that is substantially similar to the APPs. By using the Services, you consent to cross-border disclosure on this basis.
Cross-border transfers to sub-processors in the United States are made on the basis that Wowzer Technologies has taken reasonable steps, consistent with the New Zealand Privacy Act 2020, to ensure that equivalent protections apply. By using the Services, you consent to cross-border disclosure on this basis.
Personal information may be transferred to, and processed in, the United States by our sub-processors. You acknowledge that personal information transferred to the United States may be subject to access by US government authorities under US law. Such transfers are made consistent with PIPEDA accountability principles, and we remain responsible for personal information transferred to sub-processors.
Transfers of personal data to sub-processors in the United States are made on the basis of appropriate safeguards as required by UK GDPR Article 46, including where applicable the use of International Data Transfer Agreements (IDTAs) or equivalent mechanisms. A copy of applicable transfer safeguards is available on request.
Where personal information of California residents is processed, Wowzer Technologies acts as a service provider under the CCPA/CPRA and does not sell or share personal information for cross-context behavioural advertising. Processing by Anthropic as a sub-processor is limited to the service purpose described in this Policy.
You have the right to access personal information we hold about you, and to request correction of inaccurate information. To make a request, please contact us in writing. We will respond within a reasonable timeframe consistent with applicable legislation.
Under PIPEDA, you have the right to access personal information we hold about you, to know how it is used and disclosed, and to challenge our compliance with PIPEDA. You may withdraw consent to our processing of your personal information at any time, subject to legal or contractual restrictions, by contacting us in writing. Note that withdrawal of consent may affect our ability to provide the Services.
Under UK GDPR, you have the following rights in respect of personal data we process as a data controller:
In respect of your clients' personal data processed by us on your behalf, you are the data controller and we are the data processor. Requests from your clients to exercise their data subject rights should be directed to you as the data controller, and we will assist you in responding to those requests as required.
Depending on your state of residence, you may have rights under applicable state privacy law, including the right to know what personal information we collect and how it is used, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of personal information (we do not sell or share personal information), and the right to non-discrimination for exercising privacy rights. To exercise applicable rights, please contact us using the details below.
We take our security obligations seriously. Your personal information is regarded as confidential and may be held in both hard copy and electronic versions. We will take all reasonable steps to safeguard your information so that it is not misused, lost, modified, accessed by unauthorised persons or disclosed without authorisation.
We are committed to responding to data breaches in accordance with our obligations under applicable privacy legislation, including the Australian Notifiable Data Breaches scheme, the New Zealand Privacy Act 2020, PIPEDA breach of security safeguards requirements, UK GDPR Article 33, and applicable US state breach notification laws. We will notify the appropriate authority and you if there is unauthorised access to, unauthorised disclosure of, or loss of personal information held by us where this is likely to result in serious harm.
We will retain Customer Data for the duration of your agreement with us and will delete or return Customer Data no later than two (2) years following the end of our agreement with you, unless otherwise required by applicable law.
Personal data submitted to Anthropic's inference API in connection with AI-assisted features is not retained by Anthropic beyond the processing window required to generate the requested response.
Account and administrative personal information is retained for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements.
You have a right to access your personal information, subject to exceptions allowed by law. If you would like to do so, please provide us with a request in writing to the contact details listed below. We will endeavour to respond within four weeks of receiving your request. We reserve the right to charge a reasonable fee for complex access requests. Where we cannot provide you with access to all of your personal information, we will provide you with reasons.
If at any time you believe that information we hold about you is incomplete, inaccurate, or not up to date, please contact us and we will take reasonable steps to correct the information in accordance with applicable privacy legislation.
Our website uses cookies and similar tracking technologies to track website usage, preferences, and personal account information. You may configure your browser to refuse cookies, though some features of the Services may not function correctly if cookies are disabled. We do not use cookies for advertising or cross-site tracking purposes.
If you have a complaint regarding the way we have handled your information, or have any questions about this Privacy Policy or your personal information, please contact us at: https://wowzer.tech/support
If you are not satisfied with our response to a complaint, you may have the right to escalate your complaint to the relevant privacy authority in your jurisdiction:
Wowzer Technologies Inc. | wowzer.tech | June 2025